CN1353365A - Use method of safety cipher in nonsafety programming environment - Google Patents
Use method of safety cipher in nonsafety programming environment Download PDFInfo
- Publication number
- CN1353365A CN1353365A CN01137830A CN01137830A CN1353365A CN 1353365 A CN1353365 A CN 1353365A CN 01137830 A CN01137830 A CN 01137830A CN 01137830 A CN01137830 A CN 01137830A CN 1353365 A CN1353365 A CN 1353365A
- Authority
- CN
- China
- Prior art keywords
- password
- routine
- memory
- private data
- operating system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/22—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
- G06F11/2284—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing by power-on test, e.g. power-on self test [POST]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Quality & Reliability (AREA)
- Storage Device Security (AREA)
Abstract
During power up initialization, security data such as passwords and other sensitive data which are stored in a lockable memory device are read and copied to protected system management interrupt (SMI) memory space, subject to verification by code running in the SMI memory space that the call to write the security data originates with a trusted entity. Once copied to SMI memory space, the security data is erased from regular system memory and the lockable storage device is hard locked (requiring a reset to unlock) against direct access prior to starting the operating system. The copy of the security data within the SMI memory space is invisible to the operating system. However, the operating system may initiate a call to code running in the SMI memory space to check a password entered by the user, with the SMI code returning a 'match' or 'no match' indication. The security data may thus be employed after the lockable memory device is hard locked and the operating system is started.
Description
Technical field
The present invention relates generally to the data handling system access control, particularly relates to out the cipher control visit during the electric initialization.In particular, the present invention relates to out during the electric initialization, when operating system is approved used password, the safeguard protection of this password.
Background technology
A lot of personal computer systems used various passwords to dispose the control system behavior before os starting.For example, when the multi-user uses a system, be selected operating system performance, user's specific properties of available password setting " parameter selection " or operating system behavior.
A potential safety problem goes out at password how to be stored in the system.Particularly on low-cost system, this type of password generally is stored in the CMOS memory, and program of operation can be read it at an easy rate behind the os starting.Can adopt a lot of memory technologies to store password, make it than the more difficult visit of common ASCII text string.Such as storage keyboard scan code string, and the Hash table of storage ASCII text string or keyboard scancode string.
Safest password storage technology is that password is stored in the nonvolatile memory, and this storer can be by " extremely " lock (being that release need reset) before os starting.In some systems, the information of other several sensitivities (such as the order of starting outfit tabulation) but also be stored in this lock memory.
Because this technology prevents access code behind os starting, in other any environment of non-" before starting " environment, do not access to your password.Yet, in some cases, may after starting the operating system, come the verified users identity with password in operation.
Thereby, may need a kind of like this mechanism, can safeguard the safety of " before starting " password, allow behind os starting, to use these passwords simultaneously again.
Summary of the invention
Therefore, a target of the present invention is that improved data handling system access control is provided.
Another target of the present invention is after reaching during opening electric initialization, to provide improved cipher control visit.
The present invention also has a target to be exactly, and a kind of like this mechanism is provided, and can guarantee the safety of used password during opening electric initialization, allows again to use this password by operating system.
How explanation now reaches above-mentioned target.During opening electric initialization; private data (but such as the password of storing in the lock memory and other sensitive data) is read and copies to shielded system management interrupt (SMI) memory headroom; accept the code check that moves in the SMI memory headroom, whether checking writes the order of private data from trusted entity.In a single day private data copies to the SMI memory headroom, just from the conventional system internal memory, delete, but lock memory by deadlock (unlock and need reset) in case the direct visit before starting the operating system.Private data backup in the SMI memory headroom is sightless to operating system.On the other hand, operating system can send an order to the code that moves in the SMI memory headroom, detects the user and inputs password, and return " coupling " or " not matching " indication with the SMI code.Therefore, but lock memory by deadlock and start the operating system after, just can use private data.
Above-mentioned and other target, function and advantage of the present invention, it is very clear to become in the detailed description below.
Brief description of drawings
The new function of tool notable feature of the present invention illustrates in the claim of back.With reference to following detailed description to embodiment, and in conjunction with the accompanying drawings, this invention itself, preferred Implementation Modes and other further target and advantage will get the best understanding.Wherein:
Fig. 1 is the high-level block diagram of a data disposal system, and the preferred embodiments of the present invention are carried out in this system;
Fig. 2 is the high level flow chart of a process, according to a preferred embodiment of the invention, during opening electric initialization, this process is gathered private data from nonvolatile memory, guarantee the safety of data in these SMI memory headrooms, so that in operating system environment, use after a while;
Fig. 3 is the high level flow chart of a process, according to a preferred embodiment of the invention, checks the validity of carrying out the required password of specific operation.
Embodiment
Referring now to accompanying drawing, particularly Fig. 1 describes a higher level module figure who has implemented the data handling system of the preferred embodiment of the present invention.Data handling system 102 comprises a processor 104, and it is connected with system bus 108 by cache memory 106.Various storeies commonly used are connected on the system bus 108, and they comprise Installed System Memory 110 (typical random storer), one group of non-volatile ROM (read-only memory) (ROM) and/or Electrically Erasable Read Only Memory (EEPROM) 112.In the present invention, data handling system 102 also comprises the EEPROM equipment 114 of one " lockable ", and it can be by deadlock before os starting, and release need reset.
Be connected in nonvolatile memory 116 (such as hard disk drive) and one group of user's I/O (I/O) equipment 118 in addition on the system bus 108, it generally includes keyboard, mouse or other cursor control (" pointer ") equipment.Other storage medium (such as CR-ROM or DVD driver, floppy disk etc.), and other user I/O equipment (such as microphone, loudspeaker/earphone etc.) also can be used in the data handling system 102.
Operating in the correlation technique of data handling system 102 is widely known by the people, and will only describe here and understand operation required for the present invention.Data handling system 102 initially open electricity (generally being called " power-on self-test " or " POST ") during, a startup routine that comprises basic input/output (BIOS) 120, be loaded in the Installed System Memory 110 by nonvolatile memory 112, by the loading equipemtn driver and/or systematic parameter etc. is set carries out this routine with the various hardware devices in the configuration data disposal system 102.Subsequently, operating system loads from nonvolatile memory 116 and starts.
Before os starting, start the routine prompts user and input password.In case the user inputs password, relatively input password and lock memory 114 password of depositing but start routine.If coupling starts the operating system; If do not match, operating system or do not start, or lack some functions after starting.In any case before starting the operating system, but lock memory 114 will be by deadlock, in case the program of moving on the operating system is to any direct visit of its content.
Will be outside starting " before the guiding " environment of routine also can applied cryptography, then in system starting process, as BIOS during still in complete control data disposal system 102, but then read the lock memory 114 that comprises password and other sensitive data, and with its content replication in the secret subregion 122 of Installed System Memory 110.122 pairs of operating systems of the secret subregion of Installed System Memory 110 are sightless, visit the content of secret subregion 122, the method for the regulation of must combining closely.
For the Intel compatible processor, the kept secure zone 122 in the example 102 is system management interrupt (SMI) memory headrooms.That the SMI memory headroom comprises is rudimentary, operating system required code and data of system control function independently, and adopt a kind of method, verify whether the calling program that request is put into the SMI memory headroom with data is trusted entity (BIOS starts routine and belongs to this trusted entity).For the processor of other type, can use a similar limited storage space, its (1) is sightless for the program of moving under operating system and the operating system, and (2) are limited to the visit trusted entity.
After password and other sensitive data are copied to the SMI memory headroom, but lock memory 114 by deadlock to guarantee content safety, avoid direct access by the program of moving under the operating system.Since password and other sensitive data are still available in the SMI memory headroom, they are also still available behind booting operating system.
With reference to Fig. 2, this is the high level flow chart of a process, according to a preferred embodiment of the invention, and during opening electric initialization, from nonvolatile memory, gather private data, and guarantee that the safety of these data in the SMI memory headroom is so that use after a while in operating system environment.This flow chart description which step carry out by conventional POST code, which step is carried out by the code of SMI memory headroom operation.
Process,, provides to open and replies a signal by cable during opening electric initialization (POST) in this step from step 202, as to system power-up (power supply disconnection before) or result that certain input-output apparatus in the system is write.Open the lock-out state of electric reseting signal reset nonvolatile memory (EEPROM in the example), this storer comprises password and other sensitive data, and the content that allows use POST bios code to read EEPROM.
Process is at first carried out to step 204, in this step, private data (password and other sensitive data) is loaded into the conventional system internal memory by EEPROM, execution in step 206 subsequently, in this step, with " obtain private data and send into the SMI internal memory " order, call the code in the SMI memory headroom by conventional memory.The code of initialization SMI space motion, command calls standard and transmission all are well-known technology according to methods such as pointers, no longer repeat here.
For next step, importantly, when the code that moves in the POST code call SMI space, sign is placed in the source code immediately following the order of calling the SMI code.When compilation BIOS, for ease of next step operation, the address of this sign is placed in the SMI code.In the bios code, have only a position can send, make the SMI code can determine that this calls whether from " credible " calling program simultaneously the calling of SMI code.
Process is execution in step 208 subsequently, judges in this step whether request is first request.In the example,,, make and have only a request can copy data to the SMI memory headroom by being limited to single request to the ability of SMI memory headroom copy data for open the electricity cycle at every turn.Also can select other similar time slot scrambling for use, restriction is to SMI memory headroom copy data.If the request at step 208 place is determined non-first request, then the process execution in step 214; If first request, then the process execution in step 210, whether check return address (be used for judging whether call from the unique trust routine in the BIOSPOST code) in this step on storehouse, execution in step 212 then, judge in this step and call from the trust routine in the BIOSPOST code.If not, process execution in step 214 is returned calling program immediately in this step, and any operation is not done in the private data district of SMI memory headroom.If call and be not trust routine from BIOS POST, call in fact and be cancelled, stop the invasion and attack of attempting pseudo-private data is loaded into the program of SMI memory headroom simultaneously.
If call from the credible calling program in the BIOS POST code, then the process execution in step 216, and the code that moves in this step SMI memory headroom moves into the SMI memory headroom with private data from the conventional system internal memory.The SMI memory headroom is sightless for the code of conventional system internal memory operation, and the Any Application of carrying out during for operating system is not always the case.Process is execution in step 218 subsequently, and the private data in this step for visit SMI memory headroom resets retryCounter.
By step 214 or 218, process is carried out to step 220, in this step, and the private data in the deletion conventional system internal memory, and send order to EEPROM, " deadlock " EEPROM (that is, reads among the EEPROM data and returns sky in case any attempt that reads or writes EEPROM; It is invalid to write data to EEPROM).This " deadlock " state has only by aforementioned opening replies a signal (relevant with step 202) by cable and could remove.
Process is execution in step 222 subsequently, in the BIOS of this step operation any " unreliable " expansion, and the load operation system, execution in step 224 then, and herein, process is paused until providing reset signal once more.
Referring now to Fig. 3, the high level flow chart of a process is described, according to a preferred embodiment of the invention, the validity of the required password of specific operation is carried out in this process check.Although this example refers explicitly to password,, obviously also it can be expanded to other type sensitive data to those persons skilled in the art.Process starts from step 302, in this step, and the application program of moving under the operating system, the code that calls in the SMI memory headroom determines whether be provided with password in the system.
Process is carried out to step 304, and whether the private data in this step SMI code check SMI memory headroom exists with definite password, and returns "Yes" or "No" response calling program, shows whether be provided with password.Process is execution in step 306 subsequently, and the application program of moving under this step operating system judges whether to require password according to response.If be provided with password, process execution in step 308, the application prompts user who moves under this step operating system imports a password string, and calls the SMI code and judge whether the string that inputs password mates the password string in the SMI memory headroom.
Process is carried out to step 310, adds 1 at this step retryCounter (resetting in the step 216 of Fig. 2), follows execution in step 312, but judges in this step whether the retryCounter value exceeds the maximum number of predetermined retry.This step is not when matching with SMI password that memory headroom is deposited user's input password, only allow retry several times, attempt by submitting to different passwords to come decryption (application program of for example, moving provides a dictionary) repeatedly under operating system to stop some codes.
If the retryCounter value exceeds the maximum number that allows retry, process execution in step 314 is returned " not matching " indication in the application program that this step is moved under operating system.If the retryCounter value does not exceed the maximum number that allows retry, then the process execution in step 316, are contrast at this step SMI code with the password in the SMI memory headroom, check that the user inputs password, and the application program to moving under the operating system, corresponding returning " coupling " or " not matching " indication.
By step 314 or 316, process is carried out to step 318, checks in this in step and returns indication, arrive step 320 subsequently, judges in this step whether what return is that " coupling " indicates.If not, process turns back to step 308, and the prompting user heavily inputs password.If process goes to step 322, in this step, application program continues to carry out the task of requiring password, until requiring another password.
How to use an example of the present invention to be, require the password approval for quick memory refreshing operation.In the past, be stored in the password that can lock Nonvolatile memory for use and upgrade for the quick internal memory, under any operating system of the most basic non-DOS environment, it all is unpractical requiring the password approval.Yet, adopting the present invention, the memory refreshing program can be called the code in the SMI memory headroom fast, and whether requires password before the quick memory refreshing operation of inquiry execution.If answer is a "Yes", memory refreshing program prompts user inputs password fast.After the password input, call the SMI code, check the validity of input password.The SMI code will input password and safe storage compares in the data of SMI memory headroom, and quick memory refreshing program is returned/bad indication.
For the application program of moving under the operating system, when allowing mode with safety to access to your password, the present invention is protected the safety of the password of depositing in the storer that locked before os starting.The code of operation is used for verification input password in the SMI memory headroom, because this password is invisible for operating system, thereby has protected the safety of password.
Be important to note that, though the present invention describes in the environment of Full Featured data handling system and/or network, those those skilled in the art should be realized that mechanism of the present invention can be disposed in the usable medium form of computer instruction with various forms, and distribute used concrete signal bearing medium type regardless of actual the realization, effect of the present invention all is equal to.The example of computer usable medium comprises: non-volatile, hard coded formula medium, such as ROM (read-only memory) (ROM) or Electrically Erasable Read Only Memory (EEPROM), recordable media, such as floppy disk, hard disk drive and CD-ROM, and transmission medium, such as digital and analog communication link.
Though the present invention is specifically described and describes with reference to preferred embodiment, those only it is apparent to those skilled in the art that otherwise depart from essence of the present invention and scope, can carry out various variations in form and details.
Claims (33)
1. method that can password safe in utilization comprises:
During opening electric initialization, before starting the operating system, in the secret subregion (to operating system is sightless) of private data from the memory copy to the Installed System Memory;
Before starting the operating system, the deadlock storer is in case direct access, and unlocking needs a reset signal.
2. according to the method for claim 1, further comprise:
As the response to reception input password under the operating system, the routine of operation is come this password of verification in the secret subregion of calling system internal memory;
From this routine receive about input password whether mate the indication of the password the private data from memory copy to secret subregion.
3. according to the process of claim 1 wherein, the step with the secret subregion (to operating system is sightless) of private data from the memory copy to the Installed System Memory further comprises:
The return address of the call request of private data is duplicated in inspection, verifies that this calls whether from trust routine.
4. according to the method for claim 3, wherein, check its return address for the call request of duplicating private data, whether this calls from the step of trust routine with verification, further comprises:
In basic I/O service routine, a sign is set, after the call request instruction of duplicating private data, carries out the process of duplicating private data immediately;
Sign in the code that moves in the secret subregion for Installed System Memory is provided with an address, and checks the return address of duplicating the private data call request;
Compare return address and home address;
As the response of home address that the judgement return address is not matched, the call request of duplicating private data is returned sky;
As to judging the response of matching identification address, return address, duplicate private data to the secret subregion of Installed System Memory and the retryCounter that resets.
5. according to the process of claim 1 wherein, the step with the secret subregion (this subregion to operating system be sightless) of private data from the memory copy to the Installed System Memory further comprises:
Duplicating password needs protection with the sensitive data of avoiding visiting under the operating system with other.
6. according to the process of claim 1 wherein, the step with the secret subregion (this subregion to operating system be sightless) of private data from the memory copy to the Installed System Memory further comprises:
Before just opening the call request of duplicating private data, private data is loaded in the conventional system internal memory; And
After receiving any response of duplicating the private data request, before starting the operating system, from the conventional system internal memory, delete private data.
7. method that can password safe in utilization comprises:
As response to reception input password under the operating system, the routine of operation in the secret subregion of calling system internal memory, come this password of verification, wherein secret subregion is sightless to operating system, and communicating by letter with meeting and call standard between operating system and the routine that runs on secret subregion; And
The routine of moving in the secret subregion of Installed System Memory only accept about input password whether mate the indication that secret section post is deposited password.
8. according to the method for claim 7, further comprise:
During opening electric initialization, before starting the operating system, with the secret subregion of password from the memory copy to the Installed System Memory; And
Before starting the operating system, the deadlock storer is in case direct access, and unlocking needs a reset signal.
9. according to the method for claim 7, further comprise:
Whether the routine check password that moves in the secret subregion by the check system internal memory exists, and whether needs password to judge an operation.
10. according to the method for claim 7, further comprise:
Limited subscriber re-enters the number of retries of password.
11. the method according to claim 7 further comprises:
To meet the mode of calling standard, send user's input password to move in the secret subregion of Installed System Memory routine; And
The routine of moving in the secret subregion of internal memory receives institute's indication that the secret section post of coupling deposits password that inputs password, and as the response to this indication, continuing to carry out needs institute's executable operation of ability that inputs password.
12. a data disposal system comprises:
A storer, it can be by deadlock in case direct access, unlocking needs a reset signal;
That moves in data disposal system opens electric initialization routine, wherein, this opened electric initialization routine before starting the operating system, with (this subregion is sightless to operating system) in the secret subregion of private data from the memory copy to the Installed System Memory, and the deadlock storer.
13. data handling system according to claim 12, wherein, open electric initialization routine, as to receiving under the operating system response of input password, the routine of moving in the secret subregion of calling system internal memory, come this password of verification, and from this routine, receive about input password whether mate an indication of password the private data from memory copy to secret subregion.
14. according to the data handling system of claim 13, wherein, the routine of moving in the secret subregion of Installed System Memory is checked the return address of the call request duplicate private data, whether this calls from trust routine with verification.
15. data handling system according to claim 13, wherein, open electric initialization routine, check this to call for ease of the return address of duplicating the call request of private data by inspection whether from trust routine, in basic I/O service routine, a sign is set, after duplicating the request instruction of private data, carry out the process of duplicating private data immediately, wherein, the routine of moving in the secret subregion of Installed System Memory comprises this home address, the return address of private data call request is duplicated in inspection, and compares return address and home address, and conduct is to judging the two unmatched response, the call request of duplicating private data is returned sky, as to judging the response of the two coupling, private data is copied to the secret subregion of Installed System Memory and the retryCounter that resets.
16., wherein, open electric initialization routine and duplicate password and other and need protection with the sensitive data of avoiding visiting under the operating system according to the data handling system of claim 12.
17. data handling system according to claim 12, wherein, open electric initialization routine, before just opening the call request of duplicating private data, private data is loaded in the conventional system internal memory, and after receiving any response of duplicating the private data call request, before starting the operating system, from the conventional system internal memory, delete private data.
18. data handling system comprises:
An operating system;
A storer, it can be by deadlock in case direct access, unlocking needs a reset signal;
An Installed System Memory, it comprises a sightless secret subregion of operating system, and wherein, communicating by letter meet between the routine in operating system and the secret subregion that runs on Installed System Memory called standard;
That moves in the data handling system opens electric initialization routine, wherein, open electric initialization routine as response to reception input password under the operating system, the routine of operation in the secret subregion of calling system internal memory, come this password of verification, and receive only about the input password whether mate the indication that secret section post is deposited password in the routine of from the secret subregion of internal memory, moving.
19. data handling system according to claim 18, wherein, open electric initialization routine, during opening electric initialization, before starting the operating system, with the secret subregion of password from the memory copy to the Installed System Memory, and before starting the operating system, the deadlock storer is in case direct access, and unlocking needs a reset signal.
20. according to the data handling system of claim 18, wherein, open electric initialization routine, whether the routine of moving in the secret subregion by the check system internal memory comes authentication password to exist, and whether needs password to judge an operation.
21. according to the data handling system of claim 18, wherein, operation limits the number of retries that the user re-enters password with the routine of verification password in the secret subregion of Installed System Memory.
22. data handling system according to claim 18, wherein, open electric initialization routine, to meet the mode of calling standard, the user is inputed password be sent to the routine of moving in the secret subregion of Installed System Memory, and receive in the routine from the secret subregion of internal memory, moved of response, institute's indication that the secret section post of coupling is deposited password that inputs password, continuing to carry out need the operation that input password and could carry out.
23. computer program can password safe in utilization, on the computer usable medium comprises:
Open during the electric initialization, before starting the operating system, operating system with the instruction of the secret subregion (invisible) of private data from the memory copy to the Installed System Memory;
The deadlock storer is in case the instruction of direct access, and before starting the operating system, unlocking needs a reset signal.
24. the computer program according to claim 23 further comprises:
As the response that receives the input password under the operating system, the routine of operation is with the instruction of this password of verification in the secret subregion of calling system internal memory;
From this routine, receive the instruction of an indication, this indication reflect the password in the private data of whether mating the secret subregion from the memory copy to the Installed System Memory that inputs password.
25. according to the computer program of claim 23, wherein, the instruction with the secret subregion (to operating system invisible) of private data from the memory copy to the Installed System Memory further comprises:
Inspection is duplicated the return address of the call request of private data and whether is called the instruction from trust routine to verify this.
26. according to the computer program of claim 25, wherein, whether call from the instruction of trust routine to verify this return address of checking the call request duplicate private data, further comprises:
In basic I/O service routine, sign is set, after duplicating the instruction of private data call request, carries out the instruction of duplicating the private data process immediately;
Operation and check home address in the code of return address of the call request duplicate private data in the secret subregion of Installed System Memory;
The relatively instruction of return address and home address;
As the response of home address that the judgement return address is not matched, the call request of duplicating private data is returned empty instruction;
As to judging the response of matching identification address, return address, duplicate the instruction of private data to the secret subregion and the retryCounter that resets of Installed System Memory.
27. according to the computer program of claim 23, wherein, the instruction with the secret subregion (for operating system is sightless) of private data from the memory copy to the Installed System Memory further comprises:
Duplicating password and other needs protection with the instruction of the sensitive data avoiding visiting under the operating system.
28. according to the computer program of claim 23, wherein, the instruction with the secret subregion (for operating system is sightless) of private data from the memory copy to the Installed System Memory further comprises:
Before just opening the call request of duplicating private data, private data is loaded into the instruction of conventional system internal memory; And
After any response that receives the call request of duplicating private data, before starting the operating system, the instruction that private data is deleted from the conventional system internal memory.
29. computer program can password safe in utilization, on the computer usable medium comprises:
As response to reception input password under the operating system, the instruction that the routine of operation is come this password of verification in the secret subregion of calling system internal memory, wherein, the secret subregion of Installed System Memory is invisible to operating system, and communicating by letter with meeting and call standard between the routine of operation in operating system and the secret subregion;
The routine of moving in the secret subregion of internal memory receive only about input password and whether deposit the instruction of the indication of password coupling with secret section post.
30. the computer program according to claim 29 further comprises:
During opening electric initialization, before starting the operating system, with the instruction of the secret subregion of password from the memory copy to the Installed System Memory; And
The deadlock storer is in case directly Fang Wen instruction, and unlocking before starting the operating system needs a reset signal.
31. the computer program according to claim 29 further comprises:
Whether the routine of moving in the secret subregion by the check system internal memory exists with authentication password, judges whether an operation needs the instruction of password.
32. the computer program according to claim 29 further comprises:
Limited subscriber re-enters the instruction of the number of retries of password.
33. the computer program according to claim 29 further comprises:
To meet the mode of calling standard, the user input password sends the instruction of the routine of moving in the secret subregion of Installed System Memory to; And
The routine that response moves from the secret subregion of internal memory receives input password and deposits the indication that password mates with secret section post, continues to carry out the instruction that needs the executable operation of ability that inputs password.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US09/711,028 US7200761B1 (en) | 2000-11-09 | 2000-11-09 | Method to use secure passwords in an unsecure program environment |
| US09/711,028 | 2000-11-09 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1353365A true CN1353365A (en) | 2002-06-12 |
| CN1185584C CN1185584C (en) | 2005-01-19 |
Family
ID=24856491
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB011378301A Expired - Fee Related CN1185584C (en) | 2000-11-09 | 2001-11-08 | Use method of safety cipher in nonsafety programming environment |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US7200761B1 (en) |
| KR (1) | KR100486639B1 (en) |
| CN (1) | CN1185584C (en) |
| TW (1) | TW546565B (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100356351C (en) * | 2002-11-21 | 2007-12-19 | 国际商业机器公司 | System and method for code authentication |
| CN100369009C (en) * | 2004-12-30 | 2008-02-13 | 英业达股份有限公司 | Monitor system and method capable of using interrupt signal of system management |
| CN101387990B (en) * | 2007-09-14 | 2011-06-08 | 盛群半导体股份有限公司 | Data locking method of microcontroller program internal memory, system and the microcontroller |
| CN101369304B (en) * | 2007-08-13 | 2011-08-24 | 华硕电脑股份有限公司 | Computer system starting and hard disk data protection method, and its data protection module |
| CN1910531B (en) * | 2003-12-30 | 2012-05-30 | 意大利电信股份公司 | Method and system used for key control of data resource, related network |
| CN102682227A (en) * | 2011-03-09 | 2012-09-19 | 国民技术股份有限公司 | Method and system for enhancing TCM (Trusted Cryptography Module) application as well as trusted computing processing method |
| US8775799B2 (en) | 2006-05-09 | 2014-07-08 | Samsung Electronics Co., Ltd. | Apparatus and method of securely moving security data |
Families Citing this family (26)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7395434B2 (en) * | 2002-05-01 | 2008-07-01 | Hewlett-Packard Development Company, L.P. | Method for secure storage and verification of the administrator, power-on password and configuration information |
| US7974416B2 (en) | 2002-11-27 | 2011-07-05 | Intel Corporation | Providing a secure execution mode in a pre-boot environment |
| EP1669834A4 (en) * | 2003-10-02 | 2009-02-04 | Panasonic Corp | Security system for electronic device |
| JP4550526B2 (en) * | 2004-08-27 | 2010-09-22 | レノボ シンガポール プライヴェート リミテッド | Information processing system, information processing apparatus, registration server, control program, and control method |
| US10636040B2 (en) | 2005-03-16 | 2020-04-28 | Dt Labs, Llc | Apparatus for customer authentication of an item |
| US7941376B2 (en) * | 2005-03-16 | 2011-05-10 | Dt Labs, Llc | System and method for customer authentication of an item |
| US8261058B2 (en) | 2005-03-16 | 2012-09-04 | Dt Labs, Llc | System, method and apparatus for electronically protecting data and digital content |
| US7937579B2 (en) * | 2005-03-16 | 2011-05-03 | Dt Labs, Llc | System, method and apparatus for electronically protecting data and digital content |
| US20100005509A1 (en) * | 2005-03-16 | 2010-01-07 | Dt Labs, Llc | System, method and apparatus for electronically protecting data and digital content |
| US8613107B2 (en) * | 2005-03-16 | 2013-12-17 | Dt Labs Development, Llc | System, method and apparatus for electronically protecting data associated with RFID tags |
| US7552467B2 (en) * | 2006-04-24 | 2009-06-23 | Jeffrey Dean Lindsay | Security systems for protecting an asset |
| US8285851B2 (en) * | 2007-01-08 | 2012-10-09 | Apple Inc. | Pairing a media server and a media client |
| JP4359636B2 (en) * | 2007-07-06 | 2009-11-04 | 京セラミタ株式会社 | Authentication apparatus, authentication method, and authentication program |
| KR101249831B1 (en) * | 2007-08-06 | 2013-04-05 | 삼성전자주식회사 | Computer system and method for booting the same |
| TW200907803A (en) * | 2007-08-13 | 2009-02-16 | Asustek Comp Inc | Method for excuting power-on procedure and protecting hard disk drive data of computer and data protection module thereof |
| CN101216807B (en) * | 2008-01-03 | 2010-12-01 | 无敌科技(西安)有限公司 | Hard disk copying-proof method |
| US8924306B2 (en) * | 2008-02-20 | 2014-12-30 | International Business Machines Corporation | Remote computer rebooting tool |
| EP2433238B1 (en) * | 2009-05-18 | 2015-10-07 | Hewlett-Packard Development Company, L.P. | Systems and methods of determining a trust level from system management mode |
| US9355282B2 (en) * | 2010-03-24 | 2016-05-31 | Red Hat, Inc. | Using multiple display servers to protect data |
| CN102270162B (en) * | 2011-07-29 | 2013-01-16 | 中国航天科技集团公司第五研究院第五一三研究所 | Fault-tolerant guide method applied to SPARCV8 structure computer |
| US20140283060A1 (en) * | 2013-03-15 | 2014-09-18 | Oracle International Corporation | Mitigating vulnerabilities associated with return-oriented programming |
| US9734326B2 (en) * | 2014-02-04 | 2017-08-15 | Nxp Usa, Inc. | Dynamic interrupt stack protection |
| US9230093B1 (en) * | 2014-10-13 | 2016-01-05 | Celestica Technology Consultancy (Shanghai) Co., Ltd. | Protection method and system for computer security |
| JP6438353B2 (en) * | 2015-05-27 | 2018-12-12 | ルネサスエレクトロニクス株式会社 | Semiconductor device and diagnostic test method |
| US10691447B2 (en) * | 2016-10-07 | 2020-06-23 | Blackberry Limited | Writing system software on an electronic device |
| US11520895B2 (en) | 2020-12-07 | 2022-12-06 | Samsung Electronics Co., Ltd. | System and method for dynamic verification of trusted applications |
Family Cites Families (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPS63148358A (en) * | 1986-12-12 | 1988-06-21 | Canon Inc | Protecting device |
| KR890015103A (en) * | 1988-03-31 | 1989-10-28 | 최근선 | Computer motion protection system |
| US6009495A (en) | 1989-12-29 | 1999-12-28 | Packard Bell Nec | Protected address range in an electrically erasable programmable read only memory |
| EP0449242A3 (en) * | 1990-03-28 | 1992-10-28 | National Semiconductor Corporation | Method and structure for providing computer security and virus prevention |
| US5537544A (en) * | 1992-09-17 | 1996-07-16 | Kabushiki Kaisha Toshiba | Portable computer system having password control means for holding one or more passwords such that the passwords are unreadable by direct access from a main processor |
| KR940020215A (en) * | 1993-02-18 | 1994-09-15 | 박표서 | How computer information is secure |
| US6032256A (en) * | 1995-01-09 | 2000-02-29 | Bernard; Peter Andrew | Power controlled computer security system and method |
| US6178550B1 (en) * | 1995-01-31 | 2001-01-23 | Dell Usa | Mechanism for optimizing location of machine-dependent code |
| US5944821A (en) * | 1996-07-11 | 1999-08-31 | Compaq Computer Corporation | Secure software registration and integrity assessment in a computer system |
| US5742758A (en) * | 1996-07-29 | 1998-04-21 | International Business Machines Corporation | Password protecting ROM based utilities in an adapter ROM |
| US5850559A (en) * | 1996-08-07 | 1998-12-15 | Compaq Computer Corporation | Method and apparatus for secure execution of software prior to a computer system being powered down or entering a low energy consumption mode |
| US5953422A (en) * | 1996-12-31 | 1999-09-14 | Compaq Computer Corporation | Secure two-piece user authentication in a computer network |
| US5887131A (en) * | 1996-12-31 | 1999-03-23 | Compaq Computer Corporation | Method for controlling access to a computer system by utilizing an external device containing a hash value representation of a user password |
| US6343338B1 (en) * | 1997-04-01 | 2002-01-29 | Microsoft Corporation | System and method for synchronizing disparate processing modes and for controlling access to shared resources |
| US5964877A (en) | 1997-04-07 | 1999-10-12 | Victor; David William | Method and system for programming a security system to protect a protected unit |
| JP3943665B2 (en) * | 1997-09-01 | 2007-07-11 | 株式会社東芝 | Sleep control method and event notification method |
| US5974500A (en) | 1997-11-14 | 1999-10-26 | Atmel Corporation | Memory device having programmable access protection and method of operating the same |
| US6128732A (en) * | 1997-12-15 | 2000-10-03 | Compaq Computer Corporation | Implementing universal serial bus support with a minimum of system RAM |
| US6223284B1 (en) * | 1998-04-30 | 2001-04-24 | Compaq Computer Corporation | Method and apparatus for remote ROM flashing and security management for a computer system |
| KR100310093B1 (en) * | 1998-07-15 | 2001-11-15 | 윤종용 | Security method of personal computer using password |
| US6212592B1 (en) * | 1998-09-17 | 2001-04-03 | Micron Technology, Inc. | Computer system for processing system management interrupt requests |
| US6336185B1 (en) * | 1998-09-24 | 2002-01-01 | Phoenix Technologies Ltd. | Use of other processors during BIOS boot sequence to minimize boot time |
-
2000
- 2000-11-09 US US09/711,028 patent/US7200761B1/en not_active Expired - Fee Related
-
2001
- 2001-10-27 KR KR10-2001-0066523A patent/KR100486639B1/en not_active IP Right Cessation
- 2001-11-06 TW TW090127550A patent/TW546565B/en not_active IP Right Cessation
- 2001-11-08 CN CNB011378301A patent/CN1185584C/en not_active Expired - Fee Related
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100356351C (en) * | 2002-11-21 | 2007-12-19 | 国际商业机器公司 | System and method for code authentication |
| CN1910531B (en) * | 2003-12-30 | 2012-05-30 | 意大利电信股份公司 | Method and system used for key control of data resource, related network |
| CN100369009C (en) * | 2004-12-30 | 2008-02-13 | 英业达股份有限公司 | Monitor system and method capable of using interrupt signal of system management |
| US8775799B2 (en) | 2006-05-09 | 2014-07-08 | Samsung Electronics Co., Ltd. | Apparatus and method of securely moving security data |
| CN101369304B (en) * | 2007-08-13 | 2011-08-24 | 华硕电脑股份有限公司 | Computer system starting and hard disk data protection method, and its data protection module |
| CN101387990B (en) * | 2007-09-14 | 2011-06-08 | 盛群半导体股份有限公司 | Data locking method of microcontroller program internal memory, system and the microcontroller |
| CN102682227A (en) * | 2011-03-09 | 2012-09-19 | 国民技术股份有限公司 | Method and system for enhancing TCM (Trusted Cryptography Module) application as well as trusted computing processing method |
| CN102682227B (en) * | 2011-03-09 | 2015-08-12 | 国民技术股份有限公司 | A kind of method and system, trust computing disposal route strengthening TCM application |
Also Published As
| Publication number | Publication date |
|---|---|
| US7200761B1 (en) | 2007-04-03 |
| KR100486639B1 (en) | 2005-05-03 |
| CN1185584C (en) | 2005-01-19 |
| KR20020036696A (en) | 2002-05-16 |
| TW546565B (en) | 2003-08-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1185584C (en) | Use method of safety cipher in nonsafety programming environment | |
| US6253324B1 (en) | Server verification of requesting clients | |
| JP4728120B2 (en) | System and method for protecting portable data | |
| US7313705B2 (en) | Implementation of a secure computing environment by using a secure bootloader, shadow memory, and protected memory | |
| US5012514A (en) | Hard drive security system | |
| US6266773B1 (en) | Computer security system | |
| US8195938B2 (en) | Cloud-based application whitelisting | |
| US8402269B2 (en) | System and method for controlling exit of saved data from security zone | |
| US6189099B1 (en) | Notebook security system (NBS) | |
| WO2010061801A1 (en) | Client computer for protecting confidential file, server computer therefor, method therefor, and computer program | |
| US20090150631A1 (en) | Self-protecting storage device | |
| MX2007011377A (en) | Secure boot. | |
| US20180330076A1 (en) | Hacking-Resistant Computer Design | |
| US20030070099A1 (en) | System and methods for protection of data stored on a storage medium device | |
| CN101046776A (en) | Random password automatically generated by BIOS for securing a data storage device | |
| US20020152396A1 (en) | Method for secure restoration of a database stroring non-secure content | |
| KR20010100011A (en) | Assuring data integrity via a secure counter | |
| US6763465B1 (en) | Method of ensuring that the PC is not used to make unauthorized and surreptitious telephone calls | |
| CN110807186B (en) | Method, device, equipment and storage medium for safe storage of storage equipment | |
| US7694154B2 (en) | Method and apparatus for securely executing a background process | |
| GB2372592A (en) | Information system | |
| KR20030049387A (en) | Extended smart card system and the controlling method | |
| Kim et al. | Linux based unauthorized process control | |
| Goovaerts et al. | Assessment of palm OS susceptibility to malicious code threats | |
| JPH02216561A (en) | Multi-level secrecy protective system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C06 | Publication | ||
| PB01 | Publication | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20050119 Termination date: 20101108 |